Human Behaviour in Cybersecurity: Impact on Data Security

Verified

Added on 2023/06/04

AI Summary

This thesis paper explores the relationship between human behaviour and cybersecurity, examining the impact of human factors on the security of data. The study is focused on identifying elements of cybersecurity which would benefit from further research based on findings of the literature review. The research method is based on primary data collection method using surveys and questionnaires. The selected sample is 70; these are taken to collect data. The purpose of this research study is to identify elements of the cybersecurity which would benefit from further research as well as development based on findings of the literature review.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: HUMAN BEHAVIOUR IN CYBERSECURITY
Human Behaviour in Cybersecurity
Name of the Student:
Name of the University:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1HUMAN BEHAVIOUR IN CYBERSECURITY
Abstract
The thesis paper is based on human behaviour in cybersecurity. The purpose of this thesis is to
consider issues which are affecting the human behaviour and assessing if they could better
considered in implementation of the security practices. The study is focused on human behaviour
when the employees are facing manipulation. The current security thinking is based on how to
implement object secured despite the human beings. The human activities are threats to security
chains. The research method is based on primary data collection method using surveys and
questionnaires. The selected sample is 70; these are taken to collect data. The purpose of this
research study is to identify elements of the cybersecurity which would benefit from further
research as well as development based on findings of the literature review. The result of this
study is to present need of the cybersecurity field to review in established industries to benefit
from successful practices like evaluation of human reliability and quality control of data to get
true assurance. Recommendations which are provided by the researcher to implement
cybersecurity practices in the business organizations are mandatory follow the cybersecurity
guidelines, cyber and physical asset protection and security audits.
Keywords: Cybersecurity, human behaviour, security thinking, Human reliability, Security
audits.

2HUMAN BEHAVIOUR IN CYBERSECURITY
Table of Contents
1.0 Introduction................................................................................................................................4
1.1 Background of the research study..........................................................................................4
1.2 Research aim and objectives..................................................................................................4
1.3 Research question..................................................................................................................5
1.4 Purpose of the research..........................................................................................................5
1.5 Overview of the research.......................................................................................................5
2.0 Proposed methodology..............................................................................................................6
2.1 Introduction............................................................................................................................6
2.2 Research philosophy..............................................................................................................6
2.3 Research approach.................................................................................................................7
2.4 Research design.....................................................................................................................8
2.5 Data collection procedures and techniques............................................................................8
2.6 Ethical considerations..........................................................................................................10
2.7 Research limitations.............................................................................................................10
2.8 Time horizon........................................................................................................................11
3.0 Findings from research............................................................................................................11
3.1 Introduction..........................................................................................................................11
3.2 Quantitative data analysis....................................................................................................12
4.0 Discussion of findings.............................................................................................................41

3HUMAN BEHAVIOUR IN CYBERSECURITY
4.1 Relation to research problem...............................................................................................41
4.2 Relation to literature............................................................................................................42
5.0 Conclusion and recommendations...........................................................................................44
5.1 Conclusion from data presented..........................................................................................44
5.2 Link with aim and objectives...............................................................................................45
5.3 Recommendations................................................................................................................46
5.4 Future research.....................................................................................................................47
5.5 Critical review of completed work......................................................................................47
References......................................................................................................................................49
Bibliography..................................................................................................................................50
Appendix........................................................................................................................................51
1. Literature Review..................................................................................................................51
2. Ethics form.............................................................................................................................66

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4HUMAN BEHAVIOUR IN CYBERSECURITY
1.0 Introduction
1.1 Background of the research study
Danks and Danks (2016) stated that cybersecurity is extremely important in modern
society. With the technical attacks, criminals are benefitting from the information they have
received. The criminals get access to credit information, business secrets, passwords, account
and personal information of victims. This stolen information is used to blackmail and sell
information to the victim himself. For example, a hard disk is encrypted and then the encryption
key is sold back tothe victim. Gutzwiller et al. (2015) argued that social engineering is uncertain
is the modern world where humans are more aware and more suspicious about securing their
personal information.
1.2 Research aim and objectives
This research study is based on exploring the relationship between human behaviour and
cybersecurity and examining the impact of human factors on the security of data. The research
work is based on identifying the elements of cybersecurity which would benefit from further
study and development based on the literature findings. Following are the research objectives
such as:
 To identify cybersecurity events caused due to human errors
 To assess human behaviour considered in the implementation of the security practices
 To identify the significance of human behaviour on the cybersecurity assurance

5HUMAN BEHAVIOUR IN CYBERSECURITY
1.3 Research question
The selected research questions based on the research topic are:
1. What are possible cybersecurity breaches and thesignificance of human behaviour on the
cybersecurity assurance?
2. How is it assessed that human behaviour isconsidered inthe implementation of the
security practices?
3. What are possible security incidents because of human behaviour?
1.4 Purpose of the research
The purpose of this research is to consider thecauses of human behaviour and assess
whether it is better taken for theimplementation of security practices. The study is focused on
human behaviour plus social engineering. The activities of humans are always a threat
towardsthe security chain. The cybersecurity events are discussed in the study so that humans are
aware of the attacks caused due to human errors.
1.5 Overview of the research
The research discussed the series of events which are focused on how the social engineers
are taking advantage of human behaviour. The first section describes the background of the
research. It provides research aims, objectives and questions on whichthe entireresearch study is
based. The next chapter is focused on the term social engineering andthe impact of human
behaviour on cybersecurity. The third chapter consists of the methods and techniques which are
used to collect data for this research study. This section deals with how collected information
canbe used to allow the social engineer to identify the cybersecurity threats due to human errors.

6HUMAN BEHAVIOUR IN CYBERSECURITY
The fifth section provides an analysis of collected data where social engineering is an action. It is
focused on the events against the social engineering throughout security thinking to prevent the
cybersecurity events. The sixth section summarises the events due to which research goals are
achieved. It provides a discussion about if the study is meeting with its aims and objectives.
2.0 Proposed methodology
2.1 Introduction
Gast and Ledford (2014) stated that the research methodology is utilised to introduce
statistical tools for analysing the data to the researcher. It is used to introduce concepts related to
the scientific research and methods which are conducted for scientific inquiry. The research
methods and techniques are used to adopt and conduct the study related to human behaviours in
cybersecurity. The methods as well as techniques are used to solve the research related problems.
2.2 Research philosophy
Creswell (2013) discussed that research philosophy deals with nature and development of
the knowledge. The concept related to the philosophy collects primary and secondary data to
create new knowledge related to the thesis work. There are three types of research philosophy
which are termed as positivism, realism and interpretivism. This method is used to determine
hidden facts related to selected research philosophy. The research philosophy is belief about
ways in which the data about research phenomenon should gather and analyses.
After analysing the selected topic “Human behaviour in cybersecurity”,it was determined
that positivism would be selected as the research method. All the hidden facts were being
evaluated in scientific manner with an application of the particular philosophy. This method is

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7HUMAN BEHAVIOUR IN CYBERSECURITY
used as it is believed that reality is stable and observes and describe from the viewpoint of
research objectives. It involved manipulation of reality with the variations into single
independent variables to form relationships between elements into the social world. In this study,
predictions are made based on previously observed as well as explained realities and
interrelationships.
2.3 Research approach
The research approach is selected to determine the research aim as well as objectives so
thatthe selected topic is analysed critically. There are two types of research approaches,
deductive as well as inductive. Mackey and Gass (2015) stated that the inductive approach is
used as a study to learn the selected topic at the time when proper data is not available.
Observation is used as a technique to get related data so that the research path is built based on
the method. In order to build theories related to the selected topic,the inductive approach is
suitable. The deductive approach is selected as a method which can describe the practical
applications related to the theories which are required to get access related tothe content of data
investigations.
In order to investigate details related to human behaviour in cybersecurity, the most
suitable approach wasdeductive. The results obtained from this approach provided a clear
understanding of the human errors which occurred due to cybersecurity threats in particular
behaviour. In this case,the inductive approach failed to meet with the research objectives as the
researchers failed to highlight innovative concepts as well as theories based on the human
behaviour. The human behaviour in cybersecurity helped to recognise the comprehensive
thoughts in precise way.

8HUMAN BEHAVIOUR IN CYBERSECURITY
2.4 Research design
Maxwell (2012) determined that the research design will help the researcher to select the
issues in the research work. It aims to combinethe significance of the purpose of this research
study. It will also draw out the processthe researcher performs in terms of the hypothesis
equippedsuggestions and completed data analysis. There are three types of research
design:descriptive, exploratory and explanatory for analysing the selected topic. Exploratory
design is used to prepare research issues for in-detail investigation for the prepared aspects
(Silverman 2016). It is flexible for permitting different scopes of the issues under the research
study. Explanatory research design is utilised to find explanations to carry out the research
related study. Descriptive design is used to describethe characteristicsof aspecific individual. It is
suitable to protect data against the bias and raise reliability to finish the research work in a
financial way.
In this particular study to analyse the selected topic, descriptive research design was
selected to finish off theframework of this research study. This selected research design wasused
to gain details on characteristics of the individuals who carried out the critical analysis of
selected thesis work. Using this research method, various project factors were understandable.
The detailed human errors involved in cybersecurity threats are efficiently determined by means
ofa descriptive research design method.
2.5 Data collection procedures and techniques
In order to conducta study on the human behaviour errors which lead to cyber threats,
thedata collection method is used to gather data for getting better research outcomes. The data
iscollected from the factors which are used in the literature study relevant tothis thesis topic. The
data collection is used to collect data and this data is analysed to get proper project related

9HUMAN BEHAVIOUR IN CYBERSECURITY
decisions (Smith 2015). The data collection method is divided into two forms: data sources and
data analysis.
For thespecific selected thesis topic “Human behaviour in cybersecurity”, primary data
sources were used for gatheringthe required information. In order to get data based on thesis
needs, selection of proper data sources was vital. Suitable data sources provided helpful
materials and information regarding the research topic. In order to gather raw data on the survey
questions based on the selected research questions, objectives and literature study, primary data
sources were helpful to widen the topic towards statistical level. The primary data were collected
bythe researcher based on the research needs. Primary data was used to clarifythe reliability and
validity of collected raw data. The primary data sources included proper interaction with the
individuals in terms ofthe surveymethod. The participants took part in the survey were selected
on a random basis to perform the primary research.
In order to analyse collected raw data, quantitative data analysis techniques were used to
add practical and statistical concepts to the selected thesis topic. The practical concepts related to
the human errors and threats thatlead to cybersecurity issues were understood in a better way
withthe help of quantitative data analysis. It helped to record statistical data even if the selected
sample size was 70. On a random basis, the individuals selected were those facing cyberthreats
and usinga computer for their daily working life. The individuals were asked to participate in the
survey throughan online method where the survey link was provided they had to provide their
responses based on the cyberthreats they were facing due to human faults. This data technique
was being applied bythe researcher to collect and analyse human behaviour in cyberthreats.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10HUMAN BEHAVIOUR IN CYBERSECURITY
2.6 Ethical considerations
Following are the ethical considerations which are required to follow to conduct this
research study such as:
a. The researcher is required to maintain a code of conduct to help the participants to
recognise right and wrong behavioural sets. In order to analyse human behaviours
in cyberthreats, the data gathered is vital.
b. Based on following the code of conduct, the findings for this research study will
be used for academic purposes only.
c. The researcher should respect anonymity as well as confidentiality of collected
data which is closely connected with rights of beneficence. The researcher should
ensure that there is no physical as well as mental harassment of the respondents
taking part in the study.
d. When the researcher is not promise of anonymity, then they have to address
confidentiality that is management of the private information by the researcher for
protection of subject’s identity.
e. The researcher should also respect about privacy of the data. Without prior
knowledge and consent of the participants, their information, opinions and records
are not shared with others. All the research methodologies are discussed with
prospective subjects, and then the researcher is prior to the investigations.
2.7 Research limitations
The participants involved in the survey are not forced and influenced to provide their
feedback. The issues related to reliability provide negative impact on the research work. Due to
lack of budget, SPSS analysis is not conducted; therefore sometimes there is low validity to

11HUMAN BEHAVIOUR IN CYBERSECURITY
check raw data. The researcher faced issues of lack of time as this study is cross sectional in
nature. As this research study is cross sectional, therefore in-depth analysis is to be eliminated in
this case.
2.8 Time horizon
Main activities/ stages 1st
Week
2nd
Week
3rd
Week
4th
Week
5th
Week
6th
Week
7th
Week
Thesis topic selected 
Research sources identified  
Design and development of layout of
research

Literature study on selected topic  
Plan the entire study 
Select accurate techniques and
methods
Primary data collection  
Analysing raw data 
Findings of research study 
Discussion of findings 
Form a research draft  
Final submission 

12HUMAN BEHAVIOUR IN CYBERSECURITY
3.0 Findings from research
3.1 Introduction
In this particular chapter, the researcher has tried to show data analysis to analyse human
behaviour in the cyberthreats. Withthe help of quantitative analysis, the data analysis is
performed which helps the research process to increasethe quality of collected data and make a
better analysis plus conclusion forthe selected topic. Mackey and Gass (2015) stated that data
analysis helps the researcher to implement theoretical knowledge into the practical application.
The researcher found information and details related to theselected thesis topic and then analysed
the findings to add validity to the data collection method.
3.2 Quantitative data analysis
The online questionnaire was created with 29 questions for the participants to give their
responses on survey questions. The questions were chosen and aimed to gather views and insight
of perceptions of participants of cybersecurity. It was observed that there area total of 100
responses, but some of the respondents viewed the survey questions but were not willing to
provide their answers. Therefore, the selected sample size of this study was 70. Among 100
respondents, 80 respondents filledin the general information but due to lack of knowledge of the
selected research topic, they did not continue with rest of the questions. It found that 70
respondents completedthe entire survey form.
Section 1: General Information
1. Please choose your gender
Options Number of responses Total respondents Percentage of responses

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

13HUMAN BEHAVIOUR IN CYBERSECURITY
Male 40 80 50%
Female 40 80 50%
Table 3.1: Gender
Figure 3.1: Gender
Findings:
From the above figure, it was analysed that 50% of the respondents were both male and
female. Therefore, both genders were interested in the survey.
2. Age group (years)
Options Number of responses Total respondents Percentage of responses
18-25 25 80 31.25%
26-30 28 80 35%
31-35 17 80 21.25%
36-40 5 80 6.25%
41 or more 5 80 6.25%

14HUMAN BEHAVIOUR IN CYBERSECURITY
Table 3.2: Age group
Figure 3.2: Age group
Findings:
From the above figure, it was analysed that most of the respondents who were interested
in the survey were in the age range of 26-30 years. Therefore, mostly adults provided responses
are adults.
3. What is your profession?
Options Number of responses Total respondents Percentage of responses
Student 42 80 52.5%
Business 15 80 18.75%
IT Engineer 6 80 7.5%
System Analyst 4 80 5%
Teacher 2 80 2.5%
Bank professional 1 80 1.25%

15HUMAN BEHAVIOUR IN CYBERSECURITY
Researcher 2 80 1.25%
Job 1 80 1.25%
Studying 1 80 1.25%
Employee 1 80 1.25%
Payments Officer 1 80 1.25%
Job Holder 1 80 1.25%
Web developer 1 80 1.25%
Customer advisor 1 80 1.25%
Admin 1 80 1.25%
Table 3.3: Profession
Figure 3.3: Profession
Student
IT Engineer
Teacher
Researcher
Studying
Payments Officer
Web developer
Admin
0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00%
52.50%
18.75%
7.50%
5.00%
2.50%
1.25%
1.25%
1.25%
1.25%
1.25%
1.25%
1.25%
1.25%
1.25%
1.25%
Profession

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

16HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that most of the respondents who provided
responses were students. The students were mostly dealing with the cyberthreats as they were
using computers for their daily work schedule and educational purposes.
Section 2: Human behaviour in cybersecurity
1.Do you think that management has responsibility to ensure that the company is protected
from cyberthreats?
Options Number of responses Total respondents Percentage of responses
Yes I think 61 70 87.14%
No, I do not think so 9 70 12.86%
Findings:
From the above figure, it was analysed that 87.14% of the respondents think that
management has responsibility to ensure that the company is protected from cyberthreats. The

17HUMAN BEHAVIOUR IN CYBERSECURITY
management provides good ideas to use various backup methods to help and ensure that the
personal information of the employees is secured.They covered all times with required strategies
and plans against the cyberthreats. The cybersecurity consultants performed regular audits to
protect the data.
2.The end users failed to follow security policies and procedures. Do you agree that it is a
factor of cyber breaches due to human error?
Options Number of responses Total respondents Percentage of responses
I agree 52 70 74.29%
I disagree 10 70 14.29%
Neither agree nor
disagree
8 70 11.43%
Findings:
From the above figure, it was analysed that 74.29% of the respondents agreed that the
end users failed to follow the security policies and procedures. It is one factor which caused
cyber breaches because of errors from the human side.The security policies followed a set of

18HUMAN BEHAVIOUR IN CYBERSECURITY
objectives of the company, therefore rules of human behaviour for the users and system
requirements ensured the security ofthe network. It is analysedthat failing to do so will have an
effect on the organisational reputation.
3.You receive an email at your work from an unknown email address with a link. It
requests you to click the link for further details to view. What will you do in this case?
Options Number of responses Total respondents Percentage of responses
I will click on the link 12 70 17.14%
I will not click on the
link
42 70 60.00%
I will not click on the
link and report to the
security department
16 70 22.86%

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

19HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that60% of the respondents would not click on the
link which asked for further details of the user. In this case, if the user clicks on the link then the
user will get hacked and the hacker could steal confidential information about the victim from
the computer. Most viruses such as Trojan horses are activated when the user opens the
attachment and clicks the link contained in the email message.
4.Do you think that humans should receive training regards password strength, complexity
and schedule changes?
Options Number of responses Total respondents Percentage of responses
Yes 61 70 87.14%
No 9 70 12.86%
Findings:

20HUMAN BEHAVIOUR IN CYBERSECURITY
From the above figure, it was analysed that87.14% of the respondents thought that
humans should receive training with regardsto strength of password, complexity and schedule
changes.The password policy is part of the official regulations of a company and it is taught
through security awareness training. Training provides strength of password as function of length
and complexity with a length of eight characters or even more.
5. Do you protect network against internal and external besides attacks with firewalls?
Options Number of responses Total respondents Percentage of responses
Yes I do 45 70 64.29%
No, I do not 14 70 20.00%
Have no idea about
firewall
11 70 15.71%
Findings:
From the above figure, it was analysed that 64.29% of the respondents protected their
network against internal and external besides attacks with the firewall. If there are cyberthreats

21HUMAN BEHAVIOUR IN CYBERSECURITY
from outside, then it should require placinga firewall between external and internal networks. It
is used to block access to the sites on the internet and prevent the users from accessing unknown
servers.
6. Do you think the administration monitoring your computer all time?
Options Number of responses Total respondents Percentage of responses
Yes 50 70 71.43%
No 9 70 12.86%
I do not know 11 70 15.71%
Findings:
From the above figure, it was analysed that 71.43% of the respondents agreed that their
computer are monitored by administration all the time. The IT administrators can manage a fleet

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

22HUMAN BEHAVIOUR IN CYBERSECURITY
of the computers. When the users are suspicions that the computer isbeing monitored, then the
administrator needs to check the start menu to review which programs are running.
7.If any of your colleagues ask for one of your systems username and password. What will
you do?
Options Number of responses Total respondents Percentage of responses
I will provide it 22 70 31.43%
I will refuse 48 70 68.57%
Findings:
From the above figure, it was analysed that 68.57% of the respondents refused to provide
system usernames and passwordsto their colleagues. If the user provides single passwords to
each device, then it will be a risk to provide details to others.
8.You receive an email from your employee’s HR department, they are asking for your
bank details and some of your personal details. What will you do?
Options Number of responses Total respondents Percentage of responses

23HUMAN BEHAVIOUR IN CYBERSECURITY
Reply that email with
the bank and personal
details
17 70 24.29%
I will ignore the email 40 70 57.14%
Not going to reply and
report to the phishing
email
13 70 18.57%
Findings:
From the above figure, it was analysed that57.14% of the respondents ignored the email
received from the HR department asking for bank and personal details.The HR department will
ask for a bank account number but never asked for the in-depth details regarding the account. In
this case, the user should spot the scammer if no contact details are provided and has vague
information in the email.
9.Which of the following statements do you follow to ensure your online presence remains
private and accounts remain secure?

24HUMAN BEHAVIOUR IN CYBERSECURITY
Options Number of responses Total respondents Percentage of responses
I will make sure that my
passwords are secured
17 70 24.29%
I will use two-step
verification when it is
available
42 70 60.00%
I will use browser add-
ons designed to protect
the privacy
7 70 10.00%
I will use of VPN
network
4 70 5.71%
Findings:
From the above figure, it was analysed that 60% of the respondents will use two-step
verification to ensure that their online presence remains private and accounts remain secured.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

25HUMAN BEHAVIOUR IN CYBERSECURITY
Among all the pass protection methods, two-step verification is the most suitable one as the user
can addan extra layer of security to the account. This verification can be a text message or call
and security key. Recovery information is also provided in this case.
10. How often do you change computer password?
Options Number of
responses
Total respondents Percentage of responses
On a weekly basis 16 70 22.86%
On a monthly basis 33 70 47.14%
Never change the password, until
it is not required
21 70 30.00%
Findings:
From the above figure, it was analysed that 47.14% of the respondents agreed that they
change the password on their computer on amonthly basis. The security guideline recommended

26HUMAN BEHAVIOUR IN CYBERSECURITY
a password change between 30-180 days. A monthly basis password change improves security
but makes security worse by supportingthe use of passwords which are vulnerable to crack.
11. How careful are you when you open an attachment in email?
Options Number of
responses
Total
respondents
Percentage of responses
As long as I know the person or
company that sent the attachment
I open it
52 70 74.29%
There is nothing wrong with
opening attachments
18 70 25.71%
Findings:
From the above figure, it was analysed that 74.29% of the respondents were careful at the
time of opening attachments. They open attachments as long as they know the person or

27HUMAN BEHAVIOUR IN CYBERSECURITY
company thathave sent it. The users should use caution at the time of opening files which come
from another person.
12.How should you respond if someone is harassing you by email?
Options Number of
responses
Total respondents Percentage of responses
Do not reply to unsolicited,
harassing and offensive e-
mail
15 70 21.43%
Do not open the attachments
as it may contain viruses
36 70 51.43%
Complaint to the law
enforcement department
19 70 27.14%
Findings:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

28HUMAN BEHAVIOUR IN CYBERSECURITY
From the above figure, it was analysed that51.43% of the respondents responded to
aharassing email by not opening the attachments as it contains viruses. The harassing email
reveals the personal information of others like address, email addresses, private phone number,
and passport number as well as bankaccount information.The content is the email is posted to
humiliate someone. It may threaten the individuals with physical harm and destruction of private
property.
13.When attempting to get someone’s information, social engineering tactics are utilised
less than basically hacking someone’s software.
Options Number of responses Total respondents Percentage of responses
True 53 70 75.71%
False 17 70 24.29%
Findings:

29HUMAN BEHAVIOUR IN CYBERSECURITY
From the above figure, it was analysed that 75.71% of the respondents agreed that when
attempting to get someone’s information, the social engineering tactics are utilised less than
basically hacking someone’s software. The social engineering attacks are aform of psychological
manipulations and unsuspected the users inthe handling of confidential data. The companies and
employees are required to better identify the efforts of social engineering and then prevent the
attacks from following.
14.An email claims that you have won a lottery, and asked you to fill the corresponding
information. What will you do?
Options Number of responses Total respondents Percentage of responses
I will provide it 17 70 24.29%
I will not provide it 53 70 75.71%

30HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that 75.71% of the respondents will not provide
corresponding details to others when an email claimed that the user had won thelottery. The
lottery scam is a fraud which can begin withan unexpected notification of email, mailing and
phone calls. In the email, there is message like “You have won!” a large amount of money from
a lottery. The target of this type of scam is to pay processing fees to obtain their winnings.
15.How to avoid becoming a victim of social engineering?
Options Number of
responses
Total
respondents
Percentage of
responses
Avoid clicking on embedded links and
downloading attachments from
unknown sources
37 70 52.86%
Use everywhere same password 27 70 38.57%
Use public Wi-Fi 6 70 8.57%

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

31HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that 52.86% of the respondents claimed that in
order to avoidbecoming a victim of social engineering, one should avoid clicking on embedded
links and downloading attachments from unknown sources. The employees are educated about
the phishing emails and spotted them. It insisted that the employees use stronger passwords for
the email system.
16. Once an unsocial message came from friend’s social media account in your message
box. What will you do?
Options Number of responses Total respondents Percentage of responses
I will inform the friend
regarding the matter
38 70 54.29%
I will not inform the
friend
25 70 35.71%
I will block the friend 7 70 10.00%

32HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that54.29% of the respondents responded that
when an unsocial message came from afriend’s social media account in their message box, then
the user should inform the friend regarding the matter. When an unsocial message came from my
friend, I understood that it is not them who were sending the messages, and informed the friend
about the hacking of their social media account. It would help the friend to take proper steps on
time before it had an effect on the user’s reputation.
17.Great and amazing deals show up in the social networking sites and you see that the
seller has a good rating too. What you will do in this case?
Options Number of
responses
Total respondents Percentage of responses
I will purchase items 29 70 41.43%
I will avoid the scheme 41 70 58.57%
Findings:

33HUMAN BEHAVIOUR IN CYBERSECURITY
From the above figure, it was analysed that 58.57% of the respondents will avoid the
scheme regarding great and amazing deals showing up in social networking sites. Purchasing of
deals in social media is avoided as in most cases; it would hack the personal and sensitive
information from the user’s account and share them with others.
18.Is anti-virus currently installed, updated and enabled on your computer?
Options Number of responses Total respondents Percentage of responses
Yes, it is 27 70 38.57%
No, it is not 9 70 12.86%
I have antivirus installed
but not updated
27 70 38.57%
Not sure 5 70 7.14%
I do not know what anti-
virus is
2 70 2.86%

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

34HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that 38.57% of the respondents agreed with two
options regarding the current installed, updated and enabled typeof anti-virus on the computer.
The user has anti-virus software and also said that the antivirus is installed but not updated. The
users sometimes purchase the anti-virus software for better security and in some cases; download
the security essentials for free. In those cases, they are required to update the software on time so
that it can secure the computer or laptop from viruses.
19.What will you do when you come to know that an attacker infected dozens of USB with
Trojan viruses plus dispersed the around parking lot of the organization. When employee
will pick up USB and plugged in the computer, then it will get access to the employee’s
login credentials.
Options Number of responses Total respondents Percentage of responses
I will inform the
company about this
strategy
55 70 78.57%
I will not inform 12 70 17.14%
I will let them know
when I will next in
3 70 4.29%

35HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that 78.57% of the respondents responded that
they will inform the company aboutan attacker infecting dozens of USBs with Trojan viruses
plus dispersing them around the parking lot of the organisation. It was observed that when
anemployee picked up a USB and plugged it in the computer, then it will gainaccess to the
employee’s login credentials.
20.A random call comes to an employee claiming that they are contacting regarding an
issue. They try to solve employee’s problems by exchanging of materialistic things such as
gifts in return for the information. What will you do?
Options Number of responses Total respondents Percentage of responses
I will share the
information with an
unknown person
15 70 21.43%

36HUMAN BEHAVIOUR IN CYBERSECURITY
I will not share and
avoid the person
41 70 58.57%
I will never receive such
type of unknown calls
14 70 20.00%
Findings:
From the above figure, it was analysed that58.57% of the respondents will not share and
avoid the person when a random call comes to an employee claiming that they are contacting
themregarding an issue. They try to solve employee’s problems by exchanging materialistic
things such as gifts in return for the information. The social engineering scams happen by evil
minded people to support greed of money. It also occurred to harvest information from people
and involved playing with the minds of others to obtain things. Quid pro quo is a social
engineering method involved with this type of attack.
21.You start a new job, and the first thing your new company wants you to do is create a
user ID and a password. Which of the following would be a strong password?

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

37HUMAN BEHAVIOUR IN CYBERSECURITY
Options Number of responses Total respondents Percentage of responses
The name of the
company
4 70 5.71%
Your birthdate 23 70 32.86%
Your initials
(capitalized) and the
number of the floor you
are on
35 70 50.00%
The name of the
company spelt
backwards
8 70 11.43%
Findings:
From the above figure, it was analysed that50% of the respondents give their password as
their initials (capitalised) and the number of the floor the user is on. It will be a secured password
while the new company wants to do is to create a user ID and a password as that most people and
hackers cannot guess as it is always an uncommon password which is difficult to guess.

38HUMAN BEHAVIOUR IN CYBERSECURITY
22.Do you use the same passwords for your work accounts as you do for your personal
accounts at home, such as Facebook, Twitter or your personal email accounts?
Options Number of responses Total respondents Percentage of responses
Yes, I do 37 70 52.86%
Yes, I do not 33 70 47.14%
Findings:
From the above figure, it was analysed that 52.86% of the respondents use the same
password for their work accounts and personal accounts at home.It is easier for the user to
remember the password, but there is also a possibility of hacking the information as when one
gets the password for work accounts, then they can get the password for other accounts.
Therefore, it is suggested to use different passwords for individual accounts.

39HUMAN BEHAVIOUR IN CYBERSECURITY
23.Have you logged private accounts using public computers such as a library or hotel?
Options Number of responses Total respondents Percentage of responses
Yes, I have 44 70 62.86%
No, I haven’t 26 70 37.14%
Findings:
From the above figure, it was analysed that 62.86% of the respondents logged private
accounts using public computers such as a library or hotel. In that case, the user should use a
secured connection and wireless network. With encrypted connections, it is required to enter the
key. In case the public computer is used, the user should not send and receive private
information. It is suggested to use secured and encrypted virtual private network.
24.Is the firewall on your computer enabled?
Options Number of responses Total respondents Percentage of responses
Yes, it is enabled 42 70 60.00%
No, it is not enabled 13 70 18.57%
Not sure 15 70 21.43%

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

40HUMAN BEHAVIOUR IN CYBERSECURITY
Findings:
From the above figure, it was analysed that60% of the respondents agreed that their
computer is enabled with a firewall. Only one firewall is being enabled at a time. When the user
has antivirus and security program installed withtheir own firewall, then it is required to disable
it first. The firewall can help to stop the computer from sending malicious software to other
computers and stealing information from user accounts. It prevents the hackers gaining access to
the computer through the network. When the firewall is enabled, most programs are blocked
from interacting through the firewall.
25. When you browse a website, do you check the padlock on your browser?
Options Number of responses Total respondents Percentage of responses
Yes, I always check 24 70 34.29%
No, I never check 17 70 24.29%

41HUMAN BEHAVIOUR IN CYBERSECURITY
No, I have no idea what
a padlock is
13 70 18.57%
Yes, I check sometimes 16 70 22.86%
Findings:
From the above figure, it was analysed that 34.29% of the respondents at the time of
browsing a website, check the padlock on the browser.The padlock icon is at the bottom of the
web pages which indicates that the page uses SSL protocol. There is a data transfer security
which can encrypt data and also authenticate the server and the integrity of messages.
4.0 Discussion of findings
4.1 Relation to research problem
In most of the organisations, the management is not interested or supported to ensure that
the computer is being protected from cyberthreats. It is a problem as without their help, the
company would not be able to prevent and avoid the threats that might occur. The world of
online or offline businesses can bring the possibility of scams and risks related to security. The

42HUMAN BEHAVIOUR IN CYBERSECURITY
attack can damage the business reputation in the market and cause financial problems which
affect the business profits in addition to productivity. There is a requirement to back up the
business data and website which help recover the loss in the event ofan attack. The cybersecurity
threats cause financial problems. The senior management is required to plan in addition
tomaking decisions focusing on the implementation of security measures in the business. The
attitudes of employee are negative towards the security when security programs are
implemented. The cyberspace provides opportunities for innovation in addition to societal
development while it raises issues for the policy makers to protect cyber vulnerabilities.It has
been found that the breaches can threaten the critical network infrastructure, privacy of the user’s
data and sensitive information.
It is found that the cyber attacks can threaten the global economy as well as raisethe
outlook of the cyber welfare among states. In companies, the end users failed to follow security
policies and procedures, which is a factor of cyber breaches due to human error. The employees
are not trained withregards to strength of password, complexity and schedule changes; therefore
in this case there is thepossibility of hacking the confidential information from the computer by
hacking the information. The administration needs to monitor the computer on a regular basis to
prevent the hackers from stealing data such as account information and other personal details. If
a colleague asks for the system username and password, the user should not provide it as there is
possibility that the colleague can ask for it for malicious purposes.
4.2 Relation to literature
This has been discussed in the literature study that the cybersecurity breaches occur due
to human behaviour. The humans are aware about data confidentiality and sensitivity when
through online mode; the data are shared to others. The threat of stolen data is in the hand of the

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

43HUMAN BEHAVIOUR IN CYBERSECURITY
third parties which is a major concern for humans. As per my research, it was found that thereare
two major cyberthreats which have occurred because of human errors such as unauthorised usage
of data plus inappropriate access to private data.In my point of view, the threats in cyber sphere
are considered as social engineering attacks where human beings are being influenced by means
of physical manipulation.The risk managers in companies develop strategies to protect assets and
formulate budgets integrating information security for cancelling the risks of stolen data and
hacking. The cyberattacks are broken down into two types such as goals to disable targeted
computers and access to target computer’s data. The techniques which are used by the hacker to
attack a victim’s computer are malware. It is downloaded to target the computer through an
email link that can steal data.
From my real life experience, it was found that phishing emails are sent to fool the victim
into giving passwords and taking harmful actions.I had also faced attack like Drive-by download,
where I am not required to click on anything for downloading and installing malware, while I
just have to visit the website which is compromised to get the computer infected.It can exploit
exposed security flaws into the web browser as well as the operating system. The download as
well as installation of malware is invisible to the victim. It is not possible to just see the website
to understand that the website is being infected.It is found that the company takes steps to help
protect the business plus maintain the trust of customers and their confidences. In my point of
view, the best idea to use two-method authentication for ensuring that there is safety of
confidential and sensitive files from the hacker to make the files secured. I used this method for
secured storing of my confidential data.I used a back-up system in the server backup, daily
backup to the portable devices and cloud storage services.The malware and viruses infect the
computer, therefore I installed security software which can prevent infections and make sure that

44HUMAN BEHAVIOUR IN CYBERSECURITY
the computer devices are enabled with anti-virus software. Ona monthly basis, I updated my anti-
virus software so that it can protect the devices from hacking.There is firewall security set up to
protect the internal networks. The firewall is installed on portable devices and need to be kept
updated to prevent the threats entering into the network.
5.0 Conclusion and recommendations
5.1 Conclusion from data presented
From the data analysis findings and literature study, it is concluded that the survey is
conducted from random population those are using computer for daily work life and facing
cyberthreats. From the findings, it is concluded that Asia has lack of knowledge on the
cybersecurity. They have weak information security against the cyberthreats. The countries such
as Singapore, Malaysia, and Indonesia are new to the IT market. With growing into the IT
industry, the companies of Asia are not updated with latest technologies for providing quality
services plus productivity into the countries. With increase in the internet usage, Asia is prone to
the attacks from the outside sources. The cyberattacks use methods for altering computer code
which results in system failure. They have weak governance in handling of the confidential
information; therefore they become a target of cyberattacks. Delay into the security measures
also cost high due to financial losses. Better quality, secured software, productive cybersecurity
tools and better training of the workers operate as well as manage IT systems. The digital
technologies are at centre of the technology which is powerful enough to human stupidity. The
hackers play a key role in shaping the criminal world, as the digital technology along with
physical infrastructure become close tied together as well as integrated into the human life.

45HUMAN BEHAVIOUR IN CYBERSECURITY
5.2 Link with aim and objectives
The aim of this study is to explore relations among human behaviour and cybersecurity
analysing the impact of human factors for security of data. Below are the objectives of the study
which are linked with research findings such as:
Objective 1: To identify cybersecurity events caused due to human errors
The cybersecurity events which are caused due to human errors are unauthorised usage of
data in addition to inappropriate access to private data. The cybersecurity events which occur due
to human errors are clicking on emails from unknown websites with a link asking for further
personal details, receiving an email from the employee HR asking for the bank details and some
of the personal details and using two-step verification for ensuring online presence remains
private and accounts remain secure.
Objective 2:To assess the human behaviour considered in the implementation of security
practices
Training regarding password strength, complexity and schedule changes is required to
assess security practices. Protection of the network against internal and external attacks with
firewalls andmonthly change of password are security measures taken in the company.The
management can support contributions towards knowledge sharing related to information
security.There is a requirement to build organisational structure to support the culture of the
organisation. Security awareness provides people with information and skills to accomplish
individual realization that can put changes to disclose the commerce value as well as influence
over behaviour change.
Objective 3:To identify significance of human behaviour on the cybersecurity assurance

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

46HUMAN BEHAVIOUR IN CYBERSECURITY
Humans are aware of sensitivity of data at the time of sharing personal as well as
confidential information throughout using online mode. The online consumers are determined on
whether the web providers are selling their confidentialdata to third parties exclusive ofapproval
plus knowledge.The human behaviour is required to protect the personal data.Human security
programs are implemented so that they should aware of possible security threats in the computer
network.
5.3 Recommendations
Following are the recommendations which are suggested to prevent and avoid the
cyberthreats in the computer network as:
Mandatory follow the cybersecurity guidelines: The organizations should formulate
cybersecurity guidelines for the financial and other sector. The security guidelines should focus
on broad based standards in its place of precise rules. The guidelines should become outcome
based and implement senior management liability and responsibility.
Cyber and physical asset protection: The organizations should communicative security
certifications which are required to protect cyber and physical asset. The organization should
recognize, continue baseline for the critical cyber and physical assets. Those assets should
subject to period of the security audits.
Security audits: The organization should mandate to carry out self assessments for
evaluation of cyber security positions apart from cyclic third party security audits. The
organization should facilitate industry wide security drills for preparing the organizations to
handle real life security incidents. Automation as well as IT proliferation in the organization is
provided to formulate and mandate security guidelines for the financial and banking sector.

47HUMAN BEHAVIOUR IN CYBERSECURITY
5.4 Future research
There are various opportunities for the researcher to extend this research study by
following future scope of this research study such as:
i. The researcher should undertake longitudinal research for comparing as well as
contrasting the security positions of the organization in the financial sector before
along with implementation of security guidelines identified in this particular
study.
ii. The researcher should study effectiveness of IT acts and other cyber law
provisions for understanding suitability of existing legal frameworks in addition
to propose of enhancements to implement compulsory compliance command
recommended in this research study.
5.5 Critical review of completed work
The selected research topic “Human Behaviour in Cybersecurity”, was appropriate for
this research study as different cyber threats wereanalysed which occurred due to human errors.
The paper consisted of an abstract which provided a brief summary of the entire thesis paper so
that the reader can understand the overall content. The aims, objectives and research questions
were properly provided in the first section based on what the entire work was conducted. The
literature study was accurately provided based on the questions. The aims of this study followed
logically by means of literature review and were clearly stated. Different research methods were
provided based on how the researcher collected data and analysed that data using a primary data
method. The method to select the sample was clearly described.The questions selected for
performing the survey were relevant to the research study and presented in figures in the paper.
There were some ethical objections to the research study as the data was used for academic

48HUMAN BEHAVIOUR IN CYBERSECURITY
purposes only and not shared with others. The respondents were also treated with respect in
addition to not harassed. The percentages and statistical values were accurate and clear based on
the responses of participants involved in the research study. Discussion of the findings based on
the research problem and literature study were analysed effectively in this paper.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

49HUMAN BEHAVIOUR IN CYBERSECURITY
References
Creswell, J.W., 2013. Research design: Qualitative, quantitative, and mixed methods approach.
Sage publications.
Gast, D.L. and Ledford, J.R., 2014. Single case research methodology: Applications in special
education and behavioral sciences. Routledge.
Mackey, A. and Gass, S.M., 2015. Second language research: Methodology and design.
Routledge.
Maxwell, J.A., 2012. Qualitative research design: An interactive approach: An interactive
approach. Sage.
Silverman, D. ed. 2016. Qualitative research. Sage.
Smith, J.A. ed. 2015. Qualitative psychology: A practical guide to research methods. Sage.

50HUMAN BEHAVIOUR IN CYBERSECURITY
Bibliography
Ben-Asher, N. and Gonzalez, C., 2015. Effects of cyber security knowledge on attack
detection. Computers in Human Behavior, 48, pp.51-61.
Brinkmann, S., 2014. Interview. In Encyclopedia of critical psychology (pp. 1008-1010).
Springer New York.
Danks, D. and Danks, J.H., 2016. Beyond machines: Humans in cyber operations, espionage, and
conflict. Binary Bullets: The Ethics of Cyberwarfare, pp.177-197.
Flick, U., 2015. Introducing research methodology: A beginner's guide to doing a research
project. Sage.
Kott, A., Wang, C. and Erbacher, R.F. eds., 2015. Cyber defense and situational awareness (Vol.
62). Springer.
Ledford, J.R. and Gast, D.L., 2018. Single case research methodology: Applications in special
education and behavioral sciences. Routledge.
Panneerselvam, R., 2014. Research methodology. PHI Learning Pvt. Ltd..
Taylor, S.J., Bogdan, R. and DeVault, M., 2015. Introduction to qualitative research methods: A
guidebook and resource. John Wiley & Sons.

51HUMAN BEHAVIOUR IN CYBERSECURITY
Appendix
1. Literature Review
1. Introduction
Brinkmann(2014) stated that Cybersecurityis protection of the confidential data, system
along with network that is held in cyberspace. Cybersecurity is rapid development in advanced
and online technologies. LedfordandGast(2018) conducted studies with Cybersecurity field
regards to privacy of data and information and the risk identified is sharing of personal
information. The study is based on behavioural targeting of the human. The thesis aims to
explore relationship between human behaviour and Cybersecurity and examine impact of human
factors for security of data.
Based on the literature study, an understanding of term Cybersecurity is being
established. The research study is focused in introduction of Cybersecurity as some key concepts
are being discussed in details. The topic related to Cybersecurity behaviour in human context is
described to study the thesis study. The term human behaviour in Cybersecurity received lot of
attention from the researchers. One of the reasons behind Cybersecurity risk is that human are
facing difficulties to follow organizational rules plus guidelines regards to Cybersecurity. The
review of literature study is not complete depiction of research field. The research is based on
providing different relevant theories used to examine human Cybersecurity behaviour.
1.1 Purpose of research
The point of the research study is to analyse impact of the human behaviour on
Cybersecurity. The research investigates what human factors provide an impact on

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

52HUMAN BEHAVIOUR IN CYBERSECURITY
Cybersecurity. There is addition of two themes in the research aim for contribution of new
knowledge to precursor of the human deception and provide analysis of collected data for the
research study plus future research. The real-world implications are incorporated of policy level
control of how to defend the responsive information. It is based on assessing the human elements
focused around human behaviours which are main cause and driver of Cybersecurity. The thesis
study is focused on assumption that humans are concerned about privacy of the personal
information and security.
1.2 Research questions
The key question guides the research for this paper is how concern for privacy
impacted on concern for the Cybersecurity. The selected research questions based on the
research topic are:
1. What are possible Cybersecurity breaches and significance of human behaviour on the
Cybersecurity assurance?
2. How is it assessed that human behaviour considered in implementation of the security
practices?
3. What are possible security incidents because of human behaviour?
1.3 Rationale and research context
The rationale of the research study is to analyse the human behaviour in Cybersecurity.
The key significant importance of Cybersecurity is being emphasized in modern society because
of the technical attacks along with intrusion. There is review of Cybersecurity breaches and
significance of human elements on Cybersecurity assurance. The paper demonstrates

53HUMAN BEHAVIOUR IN CYBERSECURITY
Cybersecurity assurance in relation to the human factors for proper assurance of
securityframework in business organization.
The research context is based on academic and practice based context. The study is
focused on disruptions of human security throughout the Cybersecurity threats and explores
methods to keep data safe into the digital and online world. In order to prevent from the threats,
cyber education is needed which will determine stage of awareness of the impact of cyber threats
in the middle of the human and examine the knowledge they have with the cybercrime (Von
Solms and Van Niekerk 2013). By using the human behavioural vulnerabilities, the hackers are
relied on tricking the humans by providing them fake information. In essence, the organization is
protected the private data of individual, they tried to make sure of security. It is required to
protect privacy of human as it is vital to implement the security measures in addition to security
system.
The research study suggested that human behaviour is not reliable and it is influenced by
relations. The study finds that people were willing to take on risky practices. Throughout the
literature study, it is based on aspects of human behaviour. The cyber threat is being overcome
with prevention of online and confidential information from being hacked and stolen. There
should be an increase in theoretical research towards the human aspects of the Cybersecurity
based on the human errors incidents so that the organization can implement Cybersecurity
practices and awareness program for Cybersecurity assurance.

54HUMAN BEHAVIOUR IN CYBERSECURITY
2. Methodology and approach for literature review
2.1 Search terms
The search terms for this research study are Cybersecurity, human behaviour, social
engineering, Cybersecurity assurance, physical attack and personal security. Using the research
keywords, the researcher identified the search string as well as used to research related literature.
Cybersecurity: It is set of techniques which are used to protect integrity of the network,
data from attack, unauthorised access and programs.
Human Behaviour: It is reply of the individuals and groups of the humans to interior as
well as exterior stimuli. It is referred to array of physical actions as well as emotions associated
with the individuals.
Social engineering: This term is used to manipulate the individuals in divulge the
confidential as well as personal information that is used for the fraudulent purposes.
Cybersecurity Assurance: This service is designed to help the organizations improving
the security posture by improvement over the technical defences across the IT estates (Henshelet
al. 2015).
Physical attack: It is subset of the physical threats. The physical attack term is used as
means that there is attacker and intention to accomplish attack and damage to human resources
and personal information of the individuals.
Physical security: The physical security is protection of personnel, network, data,
hardware as well as software that can cause damage and loss to the agency. It is included of
Cybersecurity threats (Panneerselvam 2014).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

55HUMAN BEHAVIOUR IN CYBERSECURITY
2.2 Databases searched
The databases searched for performing the literature study are Google Scholar,
ScienceDirect, Computers in Human Behavior.
2.3 Inclusion and exclusion criteria
For the literature review, inclusion and exclusion criteria for the literature search are as
follows:
Inclusion criteria:
IC1: The sources with proper intention of providing explicit definition of the
Cybersecurity.
IC2: The sources which are available in English.
Exclusion criteria:
EC1: The sources which are provided no proper and only implicit definition of the
Cybersecurity.
EC2:Those sources which have lack of peer review and authority to define the
Cybersecurity.
The search criteria are applied for entire search processes. At the first instance, Google
Scholar database is used to identify the academic sources for the literature search. The search
scope is covered a time span of last 6 years with the search construct of topic: Human Behaviour
in Cybersecurity or near definitions. Modifications for the search query is included variations of
the search terms definition. We had found 16 authoritative sources fulfilling the inclusion criteria

56HUMAN BEHAVIOUR IN CYBERSECURITY
and included for the further analysis in context of the research questions. Therefore, we had
conducted the literature study on the search results filtered as per inclusion and exclusion
criteria, specially the date as well as educational field are being apprehensive.
3. Literature review
3.1 Cybersecurity breaches and significance of human behaviour on the Cybersecurity
assurance
According to Safa, Von Solms and Futcher (2016), the social engineers are looking
forward for human nature as well as decision making. Whittyet al. (2015) looked at willingness
of the human to pay for protection of their personal information. Ben-Asher and Gonzalez (2015)
stated that some of the individuals are aware about sensitivity of data as they are willing to share
personal and confidential information through online mode. The social engineers are preying on
qualities of the human nature as trust is required while sharing of information among others. In
some organization, the employees are sold personal information of their company to other to
receive money. Ovelgönneet al. (2017) revealed that the online customers are focused on
whether the web providers are selling their personal information to the third parties without
consent plus knowledge. It is found that most of the customers are concerned about losing
control over personal information is gathered furthermore used by the company. The threat of
stolen of personal information and fallen data in hand of third parties is a major concern for the
individuals (Taylor, Bogdan and DeVault 2015). Therefore, it is seen that human behaviour is
required to protect the personal data.
Egelman and Peer (2015) carried out the research to study possible Cybersecurity
breaches due to human behaviour. There are two main Cybersecurity issues such as

57HUMAN BEHAVIOUR IN CYBERSECURITY
unauthorisedusage of data in addition to inappropriate access to private data. The findings of this
study is based on the fact that the internet users can walk away when improper information is
being requested and concerned related to unauthorised access and usage of personal information
by third party. As Cybersecurity is a critical issue, therefore the researcher is required to control
the way to share of confidential information. AlHogail (2015) revealed that privacy concern is
not direct playing a key significant role to guide the human’s information behaviour.
3.2 Human behaviour considered in implementation of the security practices
Web based attacks exploit of vulnerabilities in the web components and compromise
server and website. Each type of cybercrime can disruptive towards human security. The
researcher argued that human behaviour plays a key function in the cyber domain as it is
associated to emotional behaviour amongst the public (Mancuso et al. 2014). Cybersecurity
threat into the cyber sphere is social engineering attack where the human beings are influenced
through physical manipulation to fulfil with strains of an attacker and disclose of personal
information. The researcher, therefore, said there is a connection between Cybersecurity and
human behaviour. Most of the scientific research is dealt with knowledge as well as human
behaviour. In order to gain a structured approach to transition from knowledge to human
behaviour, the concept of the attitude is being used.
Zhuge (2016) stated that it is imperative that the manager can develop strategy to protect
the assets as well as formulate budgets which can integrate information security to cancel out the
risks of harm sourced through credible attacks. The senior management is involved to plan and
take decisions regarding implementation of security measures in the business to overcome with
Cybersecurity risks. When the senior management is involved in process, the workers have

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

58HUMAN BEHAVIOUR IN CYBERSECURITY
positive attitude towards observance. Gutzwilleret al. (2015) argued that leadership places
information security forces culture. According to Kott, Wang and Erbacher (2015), the top
management can support stronger contribution towards information security knowledge sharing.
Management should develop organizational policies and security plans to make the strategy
related to information security. It is their accountability to provide the employees knowledge
about acceptance behaviour. There is a relationship between management supports as well as
security awareness are strengthen by means of security culture.
Coventryet al. (2014) emphasized a group dynamic in the research so that the
management can conduct fulfilment attitudes by facilitation of cross training, knowledgeable
sharing along with safety collaboration. The focus of this research study is to measure the human
attitudes and internet addiction of human so that it helps to forecast frequency to engage the
human in cyber security issues. Attitude of human is served as a metric alongside the behaviour
of persons (Kott, Wang and Erbacher 2015). Internet addiction is positive predictors to engage
the human in risky cyber security behaviours while negative attitudes towards cyber security are
a high risk for the human behaviour. Finally, the management is playing a key significant to
build organizational structure to support the culture of organization. The structure of
organization makes that the business strategy along with security functions remain aligned. van
Schaiket al. (2017) discussed that the attitudes of employee is negative towards the security if
policies along with security programs are seen as impediment to workers mission functions. It
can lead to non-compliance towards efficiency of the completed tasks. Therefore, the humans
should improve their attitudes.

59HUMAN BEHAVIOUR IN CYBERSECURITY
3.3 Security awareness among the employees
In this section, the security awareness is defined as the current and relevant context of
this research study. Measurement technique is discussed and overview of related background is
provided with regards to survey of Cybersecurity. One of the terms in field of the human aspects
of Cybersecurity is awareness of the security. Various studies are carried out to distinguish
security awareness and its training. The purpose of this current research context is focus on
security awareness so that the human factors are mitigated. The security awareness is based on
identification of IT security measures along with responds. According to McClainet al. (2015),
the security awareness is created human’s sensitivity to threats plus vulnerabilities of the
computer system and identification of need to protect information. Danks and Danks (2016)
discussed that fundamental value to the IT security awareness program is setting stage for human
training to bring changes in human attitudes that can alter the organizational culture. As per the
IT security expert, the term security awareness is misused as well as complicated and it is harder
to get. Yu and Xue (2016) argued that security awareness is realisation of consequences of
possible actions. The main focus of security awareness program is providing people with
information and skills to reach individual realization that can set changes to reveal the business
value as well as manipulate over behaviour transform.
The researcher suggested classifying various meanings into three groups as per three
dimensions extracted from the literature study as:
Security awareness as perception: The users should identify about the risks and issues
that may exist (Henshel et al. 2015).

60HUMAN BEHAVIOUR IN CYBERSECURITY
Security awareness as protection: The users should make out which issues should exist
and what possible measures to protect them are.
Security awareness as behaviour: The main reason behind security awareness program
is reduce the security incidents and hence it is not possible to have related knowledge and skills
which is required is secured human behaviour (Safa, Von Solms and Futcher 2016).
Egelman and Peer (2015) studied a conceptual analysis based on active literature to
propose Cybersecurity definitions which is used as suggestion point for the future Cybersecurity
researchers. The researcher has defined Cybersecurity awareness as a medium by which the
humans are focused on information security to make sure that all the humans should understand
roles and responsibilities in protection of information. Danks and Danks (2016) concluded that
concepts of Cybersecurity education and training are focused to prevent from security threats so
that the information and data of individuals are protected.
4. Key literature points
The human factors have higher impact in the Cybersecurity, while the current research
study is investigated influence of the human factors based on the security threats. The solution to
human behaviour security issues can supply by security education. This education can address
human factor issues by increasing in user realistic as well as hypothetical knowledge. The data
importance perception is used to address the human factors by increasing human users feeling in
provided circumstances. With technology as well as human evolved by time, security can adopt
along with progress as per advanced technologies. The human are subject to error and hence, it is
a possible point of intrusion. It is analysed that the human actors have particular degree of trusted
in the business organization and have authorization level linked with the trust.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

61HUMAN BEHAVIOUR IN CYBERSECURITY
The humans can disclose confidential information and level to manipulation of data as
they are social beings. The human behaviour is being negligent due to task interference.
Therefore, the human vulnerabilities are key important consideration when assessing the risk of
the cyber attacks. The humans are required to aware of security so that they can prevent from
being hacked of information in addition to data. The main purpose of this study is to address
issues of human factor weakness regards to the information security as well as target as wider
audiences. In order to expand method to assess the human aspects of Cybersecurity, it is required
to select measurement technique for checking validity and reliability of collected data using
primary data collection method. The survey questionnaire is a tool used in scientific research to
address requirements of research study being faster along with lower cost. It is the best method
for collecting data as it has advantage to generate larger amount of data while use of little
resources.
5. Methodology for primary research
The research is based on primary data collection method and selected data analysis is
quantitative to add depth to the research study. The selected data source is primary data sources
which provide raw data with detailed insight information related to the selected research topic.
The raw data are used in the study as it needs the validation of data sources regarding reliability
(van Schaik et al. 2017). In order to hold out the quantitative study, the researcher had chosen
online survey. The online questionnaire was created with 29 questions for the participants to
provide their responses on selected questions. The questions were chosen and aimed to gather
view and insight of perception of participants of Cybersecurity (Silverman 2016). The total time
taken to perform the survey is 1 week. In order to avoid blank responses, the researcher was
made compulsory for all the questions. Therefore, the survey will not complete until 29 questions

62HUMAN BEHAVIOUR IN CYBERSECURITY
were being answered. After the survey was closed, the participants were not able to submit the
responses, and the data was analysed. The data was analysed by use of descriptive approach. The
selected sample size of the research study is 70. The aim of this research study is understandable
with descriptive research approach used for this study.
Quantitative data analysis method is used where employees from IT industry is selected
those are facing problems of Cybersecurity due to human errors. The data analysis method is
utilised to triangulate the primary research to add evidence related to literature study. Regression
analysis is a statistical technique used to describe relations among the variables (Coventry et al.
2014). The adjusted R-square was used in determining the statistical significance of the variables
used in the model. ANOVA test was used in determining whether to reject or accept the
hypotheses.The survey is focused mainly on security incidents and its impact on the
business.The result is about malicious exploits that are attaining access to the web hosting server,
data centres furthermore name servers.

63HUMAN BEHAVIOUR IN CYBERSECURITY
References
AlHogail, A., 2015. Design and validation of information security culture framework. Computers
in Human Behavior, 49, pp.567-575.
Anwar, M., He, W., Ash, I., Yuan, X., Li, L. and Xu, L., 2017. Gender difference and employees'
Cybersecurity behaviors. Computers in Human Behavior, 69, pp.437-443.
Ben-Asher, N. and Gonzalez, C., 2015. Effects of cyber security knowledge on attack
detection. Computers in Human Behavior, 48, pp.51-61.
Brinkmann, S., 2014. Interview. In Encyclopedia of critical psychology (pp. 1008-1010).
Springer New York.
Coventry, L., Briggs, P., Jeske, D. and van Moorsel, A., 2014, June. Scene: A structured means
for creating and evaluating behavioral nudges in a cyber security environment. In International
conference of design, user experience, and usability (pp. 229-239). Springer, Cham.
Danks, D. and Danks, J.H., 2016. Beyond machines: Humans in cyber operations, espionage, and
conflict. Binary Bullets: The Ethics of Cyberwarfare, pp.177-197.
Egelman, S. and Peer, E., 2015, April. Scaling the security wall: Developing a security behavior
intentions scale (sebis). In Proceedings of the 33rd Annual ACM Conference on Human Factors
in Computing Systems (pp. 2873-2882). ACM.
Flick, U., 2015. Introducing research methodology: A beginner's guide to doing a research
project. Sage.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

64HUMAN BEHAVIOUR IN CYBERSECURITY
Gutzwiller, R.S., Fugate, S., Sawyer, B.D. and Hancock, P.A., 2015, September. The human
factors of cyber network defense. In Proceedings of the Human Factors and Ergonomics Society
Annual Meeting (Vol. 59, No. 1, pp. 322-326). Sage CA: Los Angeles, CA: SAGE Publications.
Henshel, D., Cains, M.G., Hoffman, B. and Kelley, T., 2015. Trust as a human factor in holistic
cyber security risk assessment. Procedia Manufacturing, 3, pp.1117-1124.
Kott, A., Wang, C. and Erbacher, R.F. eds., 2015. Cyber defense and situational awareness (Vol.
62). Springer.
Ledford, J.R. and Gast, D.L., 2018. Single case research methodology: Applications in special
education and behavioral sciences. Routledge.
Mancuso, V.F., Strang, A.J., Funke, G.J. and Finomore, V.S., 2014, September. Human factors
of cyber attacks: a framework for human-centered research. In Proceedings of the Human
Factors and Ergonomics Society Annual Meeting(Vol. 58, No. 1, pp. 437-441). Sage CA: Los
Angeles, CA: SAGE Publications.
McClain, J., Silva, A., Emmanuel, G., Anderson, B., Nauer, K., Abbott, R. and Forsythe, C.,
2015. Human performance factors in cyber security forensic analysis. Procedia
Manufacturing, 3, pp.5301-5307.
Ovelgönne, M., Dumitraş, T., Prakash, B.A., Subrahmanian, V.S. and Wang, B., 2017.
Understanding the relationship between human behavior and susceptibility to cyber attacks: a
data-driven approach. ACM Transactions on Intelligent Systems and Technology (TIST), 8(4),
p.51.
Panneerselvam, R., 2014. Research methodology. PHI Learning Pvt. Ltd..

65HUMAN BEHAVIOUR IN CYBERSECURITY
Safa, N.S., Von Solms, R. and Futcher, L., 2016. Human aspects of information security in
organisations. Computer Fraud & Security, 2016(2), pp.15-18.
Silverman, D. ed., 2016. Qualitative research. Sage.
Taylor, S.J., Bogdan, R. and DeVault, M., 2015. Introduction to qualitative research methods: A
guidebook and resource. John Wiley & Sons.
van Schaik, P., Jeske, D., Onibokun, J., Coventry, L., Jansen, J. and Kusev, P., 2017. Risk
perceptions of cyber-security and precautionary behaviour. Computers in Human Behavior, 75,
pp.547-559.
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber
security. computers& security, 38, pp.97-102.
Whitty, M., Doodson, J., Creese, S. and Hodges, D., 2015. Individual differences in cyber
security behaviors: an examination of who is sharing passwords. Cyberpsychology, Behavior,
and Social Networking, 18(1), pp.3-7.
Yu, X. and Xue, Y., 2016. Smart grids: A cyber–physical systems perspective. Proceedings of
the IEEE, 104(5), pp.1058-1070.
Zhuge, H., 2016. Multi-dimensional summarization in cyber-physical society. Morgan
Kaufmann.

66HUMAN BEHAVIOUR IN CYBERSECURITY
2. Ethics form
Project Details
Project Title: Human Behaviour in Cybersecurity
Project Aims and Objectives
The research study is based on exploring relationship between human behaviour and Cybersecurity and
examining the impact of human factors for security of data. Following are the research objectives such as:
 To identify cybersecurity events caused due to human errors
 To assess the human behaviour considered in implementation of the security practices
 To identify significance of human behaviour on the Cybersecurity assurance
Research Methodology
The research study is based on primary data analysis performed through survey method and questionnaire
distribution and analyzing the responses. In order to perform the quantitative research technique, 70
participants were considered and they are interacted based on online questionnaire forms.
How will you approach data protection issues during your research?
All the project related data are kept secured into the database with proper password locked.
What other ethical issues should you consider when conducting this research and how will potential
ethical risk/harm be avoided?
1. The researcher is required to maintain code of conduct help them to recognise right in
addition to wrong behavioural set. In order to analyse human behaviours in cyberthreats,
the data gathered is vital.
2. The findings for this research study are avoided to limit only to the academic purposes.
3. The researcher should ensure that there are no physical as well as mental harassment of
the respondents those were taken part in the study. The researchers should avoid external

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

67HUMAN BEHAVIOUR IN CYBERSECURITY
forces while performing work in this research study.
Yes No
Already has ethical approval? o
Has peer review taken place? o
Is survey is used to collect data? o
Will you inform the participants that their participation is voluntary? o
Will you inform the participants that the data is treated as confidential? o

1 out of 68

Human Behaviour in Cybersecurity: Impact on Data Security

Contribute Materials

Secure Best Marks with AI Grader

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Capital Structures and Profitability of Pharmaceuticals Companies Listed under Australian Stock Exchange

Impact of Rational Decision Making and Bounded Rationality on Consumer Behaviour in FMCG Sector

The Impact of Customer Perceived Value on Customer Satisfaction: A Case Study on MBO Cinemas

Asia Pacific Management Review

Topic: An Investigation into Threat Modelling Tools and Technique Used in Securing E-Commerce Applications Online

A Study Of The Structure And Function Of The................................................................................................................3 1.3.1. General Objectives 5 1.3.2. Specifi

+13062052269

info@desklib.com